diff options
author | Michael Scherer <misc@mageia.org> | 2011-01-13 18:12:31 +0000 |
---|---|---|
committer | Michael Scherer <misc@mageia.org> | 2011-01-13 18:12:31 +0000 |
commit | d3afcb16658f3486a4a41fcd57a2b067e4848ce7 (patch) | |
tree | e91d81a8383dcf93e0a422aa2838de00627874dc /modules/pam/manifests | |
parent | 4d79949ce968bfef4b699d67ad2b647afcbe3c8f (diff) | |
download | puppet-d3afcb16658f3486a4a41fcd57a2b067e4848ce7.tar puppet-d3afcb16658f3486a4a41fcd57a2b067e4848ce7.tar.gz puppet-d3afcb16658f3486a4a41fcd57a2b067e4848ce7.tar.bz2 puppet-d3afcb16658f3486a4a41fcd57a2b067e4848ce7.tar.xz puppet-d3afcb16658f3486a4a41fcd57a2b067e4848ce7.zip |
allow to use multiple group for the access with pam
Diffstat (limited to 'modules/pam/manifests')
-rw-r--r-- | modules/pam/manifests/init.pp | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/modules/pam/manifests/init.pp b/modules/pam/manifests/init.pp index e6e37bb8..732957c4 100644 --- a/modules/pam/manifests/init.pp +++ b/modules/pam/manifests/init.pp @@ -43,13 +43,20 @@ class pam { content => template("pam/ldap.conf") } } + + define multiple_ldap_access($access_classes) { + include base + } - # beware , this two classes are exclusive + # beware , this two classes are exclusives + # if you need multiple group access, you need to define you own class + # of access # for server where only admins can connect class admin_access { - $access_class = "admin" - include base + multiple_ldap_access { "admin_access": + access_classes => ['mga-sysadmin'] + } } # for server where people can connect with ssh ( git, svn ) @@ -59,8 +66,11 @@ class pam { # user, and erase the password ( see pam_auth.c in openssh code, seek badpw ) # so the file must exist # permission to use svn, git, etc must be added separatly + include restrictshell::shell - $access_class = "committers" - include base + + multiple_ldap_access { "committers_access": + access_classes => ['mga-commiters'] + } } } |